An add-on for antivirus software that can scan across a computer network and trap malicious activity missed by the system firewall is being developed by an international team. Details are reported in the International Journal of Electronic Security and Digital Forensics. The research raises the issue that the developers of both operating systems and antivirus software must work more closely together to reduce the burden of malware on computer systems the world over.
The battle between malware authors and security researchers has changed dramatically in the last few years. Malware was often written as a prank, to expose vulnerabilities or out of spite. Today, malware is more about stealing sensitive data and exploiting information for fraud, identity theft and other criminal intent. In addition, much malware is aimed at breaking systems through denial-of-service (DoS) attacks in the name of espionage, whether industrial or political, or for “hacktivism”, whereby activists prevent legitimate users from accessing a site they see as the enemy of their cause.
Computer security systems that attempt to thwart the spread of malicious software, malware, often fall down at one of two points of failure. The first is the failure of the network to spot malicious data packets entering the system. The second is that, once the network is breached, the antivirus software, which is the last line of network defense, fails to identify the software intruder as malicious. Now, researchers in Jordan and the USA have devised an antivirus add-on that allows the AV software to scan the network data as well as applications and so trap malicious activity that the firewall and other defenses that work at the network level have missed.
The system, devised by computer scientists Mohammed Al-Saleh of Jordan University of Science and Technology in Irbid and Bilal Shebaro of St. Edward’s University, Austin, Texas, side-steps the problem of additional computing overheads placed on a network attempting to detect the spread of malware that may well be encrypted. It also avoids the issue of antivirus software becoming out-of-date the instant new malware is written and uploaded, and the inevitable vulnerability that occurs during the AV scanning process.